CVE Catalog

CVE-2026-13928

HighCVSS 8.8
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.32%

23th percentile — higher than 23% of all known CVEs

Summary

Insufficient validation of untrusted input in the Enterprise component in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to perform privilege escalation via a crafted HTML page.

Risk Assessment

The organization faces the risk of privilege escalation by a remote attacker, potentially leading to unauthorized access to sensitive data or systems.

Recommendation

Immediately update Google Chrome to version 150.0.7871.47 or later to remediate the vulnerability.

Original NVD description (English source)

Insufficient validation of untrusted input in Enterprise in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to perform privilege escalation via a crafted HTML page. (Chromium security severity: Medium)

Vulnerability data from NVD (NIST) · CISA KEV · EPSS